hostapd: fix CVE-2021-30004 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Stefan Ghinea <stefan.ghinea@windriver.com>	2021-04-09 16:12:08 +0300
committer	Armin Kuster <akuster808@gmail.com>	2021-04-23 18:45:08 -0700
commit	d126440422d9585ea400c04b29b0f3e0a07c05c8 (patch)
tree	fc239b268affa178607c1c54c62132c6b9b81484 /meta-python/recipes-devtools/python/python-systemd/0001-Provide-implementation-of-strndupa-for-musl.patch
parent	d2b027d8d8fcd7c759d60b6a09123748bb6de626 (diff)
download	meta-openembedded-d126440422d9585ea400c04b29b0f3e0a07c05c8.tar.gz

hostapd: fix CVE-2021-30004

In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. References: https://nvd.nist.gov/vuln/detail/CVE-2021-30004 Upstream patches: https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e2bd6a52bf689b77b237eaee3067d2b0b6eee3d5) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 98c5cddf677addcb9aa296a7437b92100a478566) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 730de4763a508234d09c755c838cdc4c8dd49493) Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-systemd/0001-Provide-implementation-of-strndupa-for-musl.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: